Introduction to SHIELD Gate Products

What is SHIELD Gate?

SHIELD Gate isZero Trust-based Integrated Security GatewayIt fundamentally blocks security threats that occur when accessing external web and SaaS services, preventing data leakage and malware infections.

Key Concepts

Integrated Security Gateway

Integrated provision of web isolation, access control, file security, and remote access on a single platform.
Each function is not independent but is organically linked.
Establishing a consistent security framework with a single policy engine.

Zero Trust Architecture

"Never trust blindly, always verify."
Validate all access attempts and grant only the minimum permissions.
Dynamic permission control based on user, location, time, and device conditions.

agentless solution

No separate program installation required.
Use all features with just a web browser.
Minimize management and deployment burden

Why is the SHIELD Gate necessary?

Changing Work Environment

Distributed workforce

Work in various locations such as office, home, cafe, and abroad.
Increase in access to work systems through personal devices (BYOD)
Increase in external access from partner companies and vendors.

Scattered data

Data no longer exists only on the internal server.
Moving to cloud SaaS such as Microsoft 365, Google Workspace, etc.
Increase in the use of public cloud (AWS, Azure)

New Threats

Advanced threats such as zero-day attacks and ransomware
Phishing and targeted attacks through spear phishing
Concerns about sensitive information leakage when using generative AI.

Limitations of Existing Security Methods

Issues with VPN

1. Overall Network Trust

VPN 연결 → 내부망 전체 접근 가능
└─ 문제: 측면 이동(Lateral Movement) 공격 위험

After connecting to the VPN, users must be trusted unconditionally.
Devices infected with malware can access the internal network.
If one system is breached, it spreads throughout the entire internal network.

2. Installation and Management Burden

VPN client installation required on all devices.
Version control, update deployment burden
Frequent user configuration errors

3. Performance and Scalability Limitations

Performance degradation due to encryption
Simultaneous connection limit
Additional capacity expansion costs incurred.

Limitations of Web Filtering/Firewall

1. Block only known threats

블랙리스트 방식 → 알려진 악성 사이트만 차단
└─ 문제: 제로데이 공격, 새로운 위협 대응 불가

2. Inconvenience due to false positives

Normal sites are also blocked due to false positives.
Decreased work productivity
Increase in exception handling requests

3. Policy Management Complexity

Managing tens of thousands of URL lists
Policy conflicts and omissions occur.
Continuous updates required

Limitations of VDI

1. High construction costs

Server infrastructure setup cost
License cost
Maintenance cost

2. Performance Constraints

Graphic Work Limitations
Difficulty in use during network latency
Degradation of user experience

3. Management Complexity

Virtual Desktop Image Management
Resource Allocation and Optimization
Need for specialized personnel

Differentiating Features of SHIELD Gate

1. Complete Web Isolation (RBI)

SHIELD Gate: Use After Isolation

사이트 접속 → 격리 서버에서 실행 → 안전한 화면만 전송
└─ 효과: 모든 위협을 원천 차단

Operating Principle

Execute all web content (HTML, JavaScript, images, etc.) on an isolated server.
Only the rendered screen stream is transmitted to the user's PC.
Malware and scripts do not reach the user's PC.

Technical Features

Full support for the latest web standards with the use of the Chromium engine.
A user experience identical to existing browsers with low latency.
Supports all advanced web features including JavaScript, WebGL, and Webjet protocols.
WebJet™ Protocol: High-quality screen streaming developed by SOFTCAMP using standard HTTPS without a relay server (no separate firewall configuration required)

2. URL-based Policy Control

SHIELD Gate: URL-level Control

https://company.sharepoint.com → 허용
https://personal-account.onedrive.com → 차단
└─ 효과: 회사 테넌트만 선택적 허용

Application Example

URL pattern	Policy	Description
`company.sharepoint.com`	Allow all features	Company SharePoint
`*.onedrive.com`	Download Blocked	Blocking OneDrive Personal Account
`web.whatsapp.com`	Complete Isolation	WhatsApp Web Usage Restrictions
`chatgpt.com`	Keyboard input check	Safe Use of AI Services

3. Zerotrust-based Conditional Dynamic Access Control

SHIELD Gate: Conditional Dynamic Permissions

사무실(사내 IP) + 평일 근무시간 → 전체 권한
재택(사외 IP) + 평일 근무시간 → 제한 권한 + MFA
카페(공용 WiFi) → 조회만 가능 + 다운로드 차단
└─ 효과: 상황에 맞는 최소 권한 적용

Combination of 5 conditions

Condition	Example
User (Who)	Employee, Partner, Administrator
Location (Where)	In-house, remote, overseas
Time (When)	Working hours, night, weekend
Device (What)	Company PC, personal PC, mobile
Target (Which)	General system, sensitive data

Key Application Areas

VPN alternatives

Target Application: Organizations with many remote workers

No separate client installation required.
Resolving security issues that require unconditional trust in users after VPN connection.
Fast connection speed

Enhancing SaaS Security

Application TargetOrganizations using Microsoft 365, Google Workspace

Fine-grained control at the URL level
Blocking personal account
Automatic file download decontamination

Partner Access Management

Application Target: An organization with a lot of collaboration with external partners

Safe access from unmanaged PCs
Automatic Permission Management Based on Project Duration
Track all work history

Safe Use of Generative AI

Application TargetOrganizations that need to use AI tools like ChatGPT

Allow access to AI services + apply isolation
Automatic blocking of sensitive information input
Balancing Work Efficiency and Security

Compliance Response

Application Target: Personal Information Protection Act, organizations required to comply with industry-specific regulations

Detailed record of all access history
Sensitive Information Access Tracking
Automatic generation of audit materials

Authentication and Trustworthiness

GS Certification

Software quality and reliability verification completed.
Nationally Certified Quality Certification

Security Function Verification Certificate

Acquisition of national certified security function certification
Verification of Security Requirements Compliance

Copyright Registration

Program copyright ownership
Possession of independent technological capabilities

What is SHIELD Gate?​

Key Concepts​

Why is the SHIELD Gate necessary?​

Changing Work Environment​

Limitations of Existing Security Methods​

Issues with VPN​

Limitations of Web Filtering/Firewall​

Limitations of VDI​

Differentiating Features of SHIELD Gate​

1. Complete Web Isolation (RBI)​

2. URL-based Policy Control​

3. Zerotrust-based Conditional Dynamic Access Control​

Key Application Areas​

VPN alternatives​

Enhancing SaaS Security​

Partner Access Management​

Safe Use of Generative AI​

Compliance Response​

Authentication and Trustworthiness​